pam_propperpwnam A PAM module that uses the entered login name as key to query the password database configured through nsswitch.conf and replaces the login name with what has been returned. On the typical system this module performs an identity transform. The main usage scenario are systems in networks where a user name is used in several distinct authentication systems, some of them being case sensitive and others not. For example the mail system may do case insensitive username lookups, while the workstations are case sensitive. In such environments users are often puzzeled about a username working in one situation does not work in another. Actually this module has been written for this very reason. CONFIGURATION pam_propperpwnam.so needs no configuration except adding it as "optional" early in in the list of PAM modules executed for user authentication. A good place in most distributions is /etc/pam.d/common-auth Example configuration, authentication with rewritten username against Kerberos5 infrastructure: auth [success=done new_authtok_reqd=done default=ignore] pam_unix.so auth optional pam_propperpwnam.so auth required pam_krb5.so use_first_pass forwardable auth required pam_permit.so auth optional pam_group.so BUGS AND ISSUES Probably there are some, but they are not known yet. AUTHOR Wolfgang Draxinger, Wolfgang.Draxinger@physik.uni-muenchen.de